Sony Ericsson Canada was among the latest Sony online properties to be hacked and lose customer records. Sites in Indonesia and Thailand were also compromised and take down. (Source: Wayfaring)

Should Sony quit the internet?

It's
almost unprecedented. We haven't seen something quite like this, since --
well, the days of the great Sony Corp. (6758) battery
recall. It seems like every day there's a new Sony web
property that's been compromised.

This time around hackers have struck Sony Ericsson’s Eshop online
store for mobile phones in Canada, making off with 2,000 customer records.
The records include names, email addresses and encrypted passwords,
Sony wrote in a statement it released late yesterday.

Idahca, a Lebanese hacking group, has claimed
responsibility in a Pastebin dump of user records for the
attack. The hackers said that they could have gathered more sensitive
details like credit cards, but declined to.

Sony sites in Thailand and Indonesia were also compromised, bringing the total
of major breaches to 10 or possibly 11, based on our accounting. It
appears that all of these sites were infiltrated using the same SQL injection
attack route (affectionately nicknamed a "Little Bobby Tables"
attack), which took down the Sony BMG Greece and Japan sites earlier this week.
Sony appears to have done nothing effective to prevent its other sites,
even after the earlier compromises.

Credit card information is stored on an e-commerce website, a standalone
platform. This platform is separate from the servers on which the user
database is found. Idahca's comments indicate that the group claims to
have had access to the e-commerce servers as well. Sony has shut down
both the user server and the e-commerce servers, while it tries to investigate
the breach.

Phil Lieberman, CEO of online security consulting firm Lieberman Software, said Sony
made a fatal mistake in the flagrantly hostile approach it took towards the
hacking community, with regards to Linux on the Sony PlayStation 3 --
a use it initially promoted. He states, "Telling them to bring it on
is not the best strategy. I think Sony is beginning to understand it horribly
underinvested in security."

Sony is confident it will pay only $2 USD per lost record from its various web
properties. That's less than 1 percent of the average payout of $318 USD
per lost record that was the average in 2010. And in recent years the
cost of data lost has tended to increase by a factor of 1.5 each year.
Clearly Sony is hoping for some sort of miracle to save it financially.

Sony also needs some sort of miracle to prevent more attacks. Even with
plenty of forewarning, Sony still looks as inept as ever; utterly clueless at
securing its online properties. The company clearly is lost as to what to
do. Of course -- worst case scenario -- Sony could always quit the
internet.

Regarding Linux removal, that could have been countered by some fat class action lawsuit... have people really cared for it. Do you really think stealing personal details/credit cards from people already "hurt" by Linux removal was the way to go?

Publishing copy protection crack openly and not expecting majority of people who reach for it will not use it for pirating games? Please.

Regarding that Geo douche, he was asking for publicity - so he got some more than he expected. His hack could have been released quietly but no, he had to steal the show. And at the end, he was let really easily. People get sued by RIAA for hundreds of thousand $ for leaching couple of songs, and this guy opens 40-million-user market to pirating and goes away with a small slap on his hand and big NO-NO? Does it make Sony really that evil? Why don't hackers have a peek at RIAA instead?!?

As it was said - great powers, great responsibility. Something hackers should learn, or be made to learn. Just because you can do something doesn't mean you can do it and go with it.

I agree Sony should open Playstation Store to homebrew apps and games - like Apple's iOS AppStore. Screen apps and remove harmful ones, but let good stuff reach people. I wouldn't mind having decent web browser, Skype, better media player... but that is something to be negotiated with Sony, not enforced by stealing innocent people details.